Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/eabe5f0a-b07f-4774-8e43-2884178254ff.roa
File:                     eabe5f0a-b07f-4774-8e43-2884178254ff.roa (raw, json)
Hash identifier:          tbHNuC4ATrBSzWw7Asetcr7F+vfXx00h7Zc6degV8/k=
Subject key identifier:   CB:0F:D1:44:68:6A:C6:EA:95:CF:F0:65:4F:CF:12:3E:0A:B1:DD:B8
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       5ABC286FC1A4D922172A9CC1FD485DBB6ABD3C04
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/eabe5f0a-b07f-4774-8e43-2884178254ff.roa
Signing time:             Tue 14 Oct 2025 16:01:29 +0000
ROA not before:           Tue 14 Oct 2025 16:01:29 +0000
ROA not after:            Tue 18 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:1ff9::/32 maxlen: 48
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5a:bc:28:6f:c1:a4:d9:22:17:2a:9c:c1:fd:48:5d:bb:6a:bd:3c:04
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct 14 16:01:29 2025 GMT
            Not After : Nov 18 23:59:59 2025 GMT
        Subject: serialNumber=ae140a7fb1d39c7d94131bdb728d8ea547ea2604b309c694348df19210d93f97, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:c2:a7:06:da:27:8c:09:66:4d:f0:cb:7a:2e:
                    cf:87:75:dd:82:da:56:32:10:db:4b:32:18:a6:74:
                    dc:fd:d6:f4:d1:41:fb:06:a9:9f:9e:3a:e5:0c:7d:
                    b9:f8:18:76:44:55:e7:7d:e7:54:94:ff:d7:0a:b4:
                    fe:74:17:89:48:db:9d:1f:40:23:48:c3:d9:c8:05:
                    63:21:5b:c1:e2:88:fe:c0:f1:c5:3c:7d:c7:42:a0:
                    f4:d4:f7:bf:fa:09:d9:5e:c8:6a:50:3d:8a:34:ee:
                    c9:0c:e0:d6:ed:70:49:9e:0b:2a:95:97:33:cb:06:
                    9d:a5:a3:85:c9:28:b9:3f:f0:b5:c9:ed:93:5f:3c:
                    27:c2:b0:7a:e8:89:2d:51:da:25:ad:0b:51:e8:1d:
                    92:93:c9:93:06:cf:26:98:90:93:d1:61:b7:9a:b5:
                    a6:58:3f:88:6e:88:2a:a7:eb:de:f4:46:94:fd:33:
                    12:d5:fe:5e:c6:78:06:f7:f1:81:80:5a:44:3c:ea:
                    12:9f:7a:c0:23:01:87:04:bf:ee:72:7a:08:1e:26:
                    b1:89:13:f4:af:98:2d:97:81:da:46:de:d9:df:e5:
                    75:04:64:7d:e9:4d:f1:08:17:2b:b5:e3:69:b8:0a:
                    98:75:1a:95:4f:f5:b5:94:58:15:12:c5:2a:8a:c1:
                    39:5b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CB:0F:D1:44:68:6A:C6:EA:95:CF:F0:65:4F:CF:12:3E:0A:B1:DD:B8
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/eabe5f0a-b07f-4774-8e43-2884178254ff.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1ff9::/32

    Signature Algorithm: sha256WithRSAEncryption
         9c:84:2b:06:44:c4:14:f5:a9:e3:b9:fb:f5:c1:a7:ad:4e:fb:
         74:de:5e:8c:f6:6c:ed:f8:e6:2b:0f:40:8e:c8:f5:06:c8:06:
         69:55:a7:3a:6d:3d:aa:b4:57:44:5a:1f:96:65:dc:c2:18:11:
         5d:56:25:af:43:af:9b:6e:6b:cb:d3:8a:90:6f:07:8d:31:54:
         ea:f4:b6:01:71:db:05:3d:2a:b6:b9:33:2c:6e:88:cb:d7:d9:
         9d:ac:b5:18:59:a4:37:05:6a:68:a5:90:51:b2:8f:aa:fa:a9:
         17:d3:1a:2b:01:4e:88:3d:ab:cd:ba:a9:db:a3:26:c6:31:03:
         02:66:9a:6a:fb:9d:a1:54:1c:b2:b6:3f:69:14:2b:54:16:d7:
         9c:25:2b:42:fa:49:4f:a9:2a:66:3f:c5:15:d9:52:a3:25:23:
         25:c7:39:8b:67:d0:49:f3:95:79:1b:1b:25:b9:76:4d:e1:66:
         dc:6d:c5:4e:b1:07:88:e1:92:da:0b:95:fb:11:6e:1d:9c:86:
         03:fc:dd:da:46:d3:22:e3:91:6f:87:2e:04:91:c9:03:8b:b2:
         2b:c1:27:6f:75:27:6b:b3:b8:e2:65:83:ec:b6:0d:d3:ec:80:
         7c:39:d2:c9:bd:b8:02:b1:fd:69:a0:28:c8:43:4e:ee:cd:fb:
         02:22:5e:e7
-----BEGIN CERTIFICATE-----
MIIF+TCCBOGgAwIBAgIUWrwob8Gk2SIXKpzB/Uhdu2q9PAQwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDE0MTYwMTI5WhcNMjUxMTE4MjM1OTU5
WjB6MUkwRwYDVQQFE0BhZTE0MGE3ZmIxZDM5YzdkOTQxMzFiZGI3MjhkOGVhNTQ3
ZWEyNjA0YjMwOWM2OTQzNDhkZjE5MjEwZDkzZjk3MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDVwqcG2ieMCWZN8Mt6Ls+Hdd2C2lYyENtLMhimdNz91vTR
QfsGqZ+eOuUMfbn4GHZEVed951SU/9cKtP50F4lI250fQCNIw9nIBWMhW8HiiP7A
8cU8fcdCoPTU97/6CdleyGpQPYo07skM4NbtcEmeCyqVlzPLBp2lo4XJKLk/8LXJ
7ZNfPCfCsHroiS1R2iWtC1HoHZKTyZMGzyaYkJPRYbeataZYP4huiCqn6970RpT9
MxLV/l7GeAb38YGAWkQ86hKfesAjAYcEv+5yeggeJrGJE/SvmC2XgdpG3tnf5XUE
ZH3pTfEIFyu142m4Cph1GpVP9bWUWBUSxSqKwTlbAgMBAAGjggKyMIICrjAdBgNV
HQ4EFgQUyw/RRGhqxuqVz/BlT88SPgqx3bgwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2VhYmU1ZjBhLWIwN2YtNDc3NC04ZTQzLTI4ODQxNzgyNTRmZi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgAC
MAcDBQAmAB/5MA0GCSqGSIb3DQEBCwUAA4IBAQCchCsGRMQU9anjufv1waetTvt0
3l6M9mzt+OYrD0COyPUGyAZpVac6bT2qtFdEWh+WZdzCGBFdViWvQ6+bbmvL04qQ
bweNMVTq9LYBcdsFPSq2uTMsbojL19mdrLUYWaQ3BWpopZBRso+q+qkX0xorAU6I
PavNuqnboybGMQMCZppq+52hVByytj9pFCtUFtecJStC+klPqSpmP8UV2VKjJSMl
xzmLZ9BJ85V5GxsluXZN4WbcbcVOsQeI4ZLaC5X7EW4dnIYD/N3aRtMi45Fvhy4E
kckDi7IrwSdvdSdrs7jiZYPstg3T7IB8OdLJvbgCsf1poCjIQ07uzfsCIl7n
-----END CERTIFICATE-----